Users Concerned About Data Security, Companies Slow to Respond

New devices, apps and websites have increased the demand and use of data. We can now receive the results of a blood test, hear about a friend’s breakup, check the electricity usage of our home and watch our child play in their preschool classroom from our devices. Although online data can provide great benefit, it presents numerous security issues as well.

Do you have mobile apps that collect data on you without your consent? Do you know how companies use your disclosed data and, more importantly, is their usage benefiting you? Are there data breaches involving your information that you might not be aware of? Is your personal information available for use by other people without your permission? Unfortunately, many companies are not rising to the data security challenge, and consumers are noticing.

A recent HyTrust poll found that 73 percent of respondents don’t believe their personal and financial information shared with companies is safe. This clearly demonstrates that companies are not fulfilling consumer demand for data security, and customers may be right to worry:

The Fourth Annual Benchmark Study on Patient Privacy and Data Security by Ponemon Institute found security threats to patient hospital records. The threats include: criminal attacks, employee negligence, unsecured mobile devices (laptops, smartphones and tablets), and third parties. A November 2012 study by Edelman found that companies are not prepared to meet consumer and regulator expectations around data security and privacy. It cites lack of resources, emphasis and transparency as the root causes of this divide, with an organization’s financial and reputational risk on the line.

Data security and online privacy are changing elements in the business environment, and most companies are not responding quickly enough to this change — as seen from the Heartbleed debacle. Consumer demand is left unmet, creating an opportunity for firms that excel in this area.

“With the growing level of consumer, media and regulatory attention currently focused on privacy, businesses simply cannot afford to risk the reputational and financial damage that may result from a lack of attention to this business critical need. Rather, we see an opportunity for businesses to grow confidence and trust in their brands through thoughtful privacy and data management,” said Ben Boyd, global chair of corporate practice at Edelman.

Data security and the cloud

Data security has been an issue in the adoption of cloud computing, because users have no knowledge of where their information is stored and exactly who has access to it. The cloud also raises issues of accountability if there is in fact a data breach. Forbes recently posed the question: Will security kill the cloud?

Despite being a very complex issue, consumers will need to rise to the occasion to protect their personal information. Users need to ensure that sharing data is secure, consensual and provides value. “Most smartphones have all kinds of filters where you can turn things on and off, both on the device and the applications themselves,” said Sheila Jordan, chief information officer for Symantec. “Just think when you turn that device on, what information do you want them to know about you and not know about you. Make sure you think through that and protect your identity. It is the responsibility of the consumers to protect their own personal privacy.”

It seems that concern for personal privacy varies by generation. “Millennials are a bit more free with their information and I don’t know that they understand the implications of that,” says Jordan. “I don’t think that generation is asking all the appropriate questions. Where does this information end up, and does it help them or aid them? They are thinking more about the social aspects and benefits of it.”

Older generations are on the other end of the spectrum, according to Jordan, and may not receive the benefits of appropriate sharing of information. “I think the older generations are more skeptical of the social aspects of it. I think there are some generational biases going on, and I think we need to educate them, because I do think there are some benefits … as long as there is value to the consumer.”

Data security and privacy is only going to become more complex in the coming years, with the merging of mobile devices, the cloud, increased demand for data, and the convergence of personal and professional identities. As our online presences becomes more vast and complex, so do the privacy and security issues associated with them. These issues are at the heart of corporate social responsibility, as it puts protecting people (and their data) as a primary concern.

Sarah Lozanova is a regular contributor to environmental and energy publications and websites, including Mother Earth Living, Energy International Quarterly, Triple Pundit, Urban Farm, and Solar Today. Her experience includes work with small-scale solar energy installations and utility-scale wind farms. She earned an MBA in sustainable management from the Presidio Graduate School and she resides in Belfast Cohousing & Ecovillage in Midcoast Maine with her husband and two children.

About this series

The future of business lies within a wholly digital and connected world. Without the right systems in place to manage and protect the enterprise, however, businesses run the risk of overexposure and vulnerability for exploitation. This presents a new mantra: if it’s connected, it must be protected. In this series, we will outline some of the data security challenges facing companies and showcase data protection as both a business and social imperative.

About Symantec Corporation

Symantec protects the world’s information, and is a global leader in security, backup and availability solutions. Symantec considers the protection of information central to corporate responsibility in this digital age. Our innovative products and services protect people and information in any environment – making it possible for people to enjoy the full benefits of the connected world. We are based in California’s Silicon Valley.

Launched in June by Secretary Hillary Clinton at the 2014 Clinton Global Initiative America meeting, Symantec Cyber Career Connection (SC3) seeks to address the global workforce gap in cyber security and provide new career opportunities for young adults who may not be college-bound. In partnership with leading educational and workforce development non-profits YearUp and NPower, the program attracts, educates and trains underserved young adults (ages 18-29) to enter the exciting and in-demand field of cyber security.